Anyone know server sizing requirements for this? Minimum cpu, memory and storage? Also, what is the recommended way to install?
I started by running the command scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csv on my PA220. root@Expedition:/PALogs# ls -ltotal 64296-rw-rw-r-- 1 expedition expedition 65830760 Aug 1 17:35 mltest.csvdrwxr-xr-x 2 www-data www-data 4096 Aug 1 ...
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW): https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c Be sure to go Settings > M. Learning > and change the Expedition ML Address address to your VM's IP. Then return to the Dashboad and Start the Agent. [UPDATE 6.4...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini sudo vi /etc/php/7.0/apache2/php.ini go to line where this variable is defined upload_max_filesize = 2M and replace by upload_max_filesize = 250M There...
Hi, @sjanita @aestevez @dgildelaig We had a huge amount of Checkpoint clusters to be migrated (26) to Palo Alto. They’re reaching the end : 23 cluster migrated – 3 to be done. With one of the 3 remaining, our 'management' cluster, we hit an issue/limitation ? This is the cluster with the most heavy policy, routing etc : 15K objects, 3289 secur...
Running into a catch 22 with Expedition. Firewall is managed in panorama but I need to run ML on logs I retrieved from firewall. Cannot process unless I "detach" firewall from Panorama. If I attempt to discover in security policy (ML tag to all rules), the rules don't show up unless I add panorama and firewall to project. Expedition then tells m...
Hello, I would like to know what is the best option to migrate an EIGRP configuration to a Palo Alto dynamic routing protocol. My first idea was to use OSPF. But I have checked the ASA configuration and they have: - Prefix-list.- Route-maps.- Route commands. After that I think that the best is to use BGP, but I am not sure. Thanks in advance...
Hi, I'm trying to migrate a CP to Palo Alto via Expedition. I've been provided the CP files as per below screen dump but when I try and upload them Expedition fails with message "We need objects and policy files. Please upload them again." How can I correctly import the CP config? Thanks, Shannon
Hi everyone, I´m trying upload the output of dependencies of my Checkpoint FW to Expedition but have this error: Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 20480 bytes) in /var/www/html/bin/configurations/parsers/Checkpoint/CHECKPOINTR81.php on line 2240240 I tryed increase RAM, memory limits into ini...
Hi everybody, I have to migrate firewalls managed by old Panorama and having many local settings to new Panorama. When I do it using Expedition, DHCP configuration and management interface profiles are missing, so I have to add them to new Panorama config using CLI. Is there a way how to migrate whole local fw configuration to Panorama using Exp...
Does anyone know where the Machine_Learning path is created?
I have expedition deployed in my test environment, Ip 172.16.1.15. I would like to connect it to my VM300, 172.16.1.1. Internet accessibility and accessibility to the VM300 is definitely not a problem. I go to my devices, entire in all the relevant information for the connection, but when I get to the API keys and choose my username and pas...
Has anyone ran into an issue where Expedition stops booting? Currently it has stopped with (initramfs) and doesn't go any further. Running with VM Workstation.
I managing all firewalls in panorama, with all rules in devicegroups and none local rules. Is it possible to use panorama configuration in expedition but forwarding logs from the firewalls ? That way I save disk space on the expedition server by only sending the logs from the firewalls I want to use the expedition for and not the complete log fr...
I have a 2 live articles addressing the file export procedure from around April of 2019. Expedition version 1.1.66.2 shows a new procedure on the Checkpoint R80+ file import page requiring the download, install, and run of a jar file to compile and export files necessary for import into Expedition. The procedure involves uploading and running ...
I have a client trying to extract a policy from Checkpoint Manager running R80.20 and the script is failing with the error below: [4/15/20 2:16 PM com.checkpoint.mgmt_api.examples.MyLogger.debug()DEBUG]: Run command: 'show-gateways-and-servers' with details level 'full' [4/15/20 2:16 PM com.checkpoint.mgmt_api.examples.MyLogger.severe()SEVERE]...
Hello, I need to migrate the configuration from a CISCO ASA. I would like to know what file do I need. I have the output of the " show run" command and the output of the "tech-file". Thanks,
Hi Everyone, Does anyone able to migrate the EIGRP config in Expedition during migraition from other vendors like Cisco ASA , Checkpoint firewalls? I have a cisco ASA 5525 configured with EIGRP and when I imported the policy file into expedition for migration it does only showing the static routes and some unrelated information(XML code) abo...
Hi, I would like to migrate a couple of Checkpoint Firewalls to Paloalto but I’m not sure what’s the best approach to proceed with this migration. Also, Checkpoint has all blades ON with full configuration. Does Expedition migration tool able to migrate all Checkpoint Blades configuration? Is any documentation available for Checkpoint to Paloa...
reaper
on:
Preparing Exp Tool for Fortigate to PA migration
reaper
on:
Need to in Expedition tool from scrach
